Transcript
A (0:00)
From the CISO series. It's Cybersecurity Headlines.
B (0:06)
These are the cybersecurity headlines for Thursday, September 18, 2025. I'm Sarah Lane. Insite Partners warned thousands after ransomware breach Venture capital and private equity firm Insight partners is notifying 12,657 people that their data was stolen in a ransomware attack following a social engineering breach in October of 2024. This included banking, tax, employee and investor information before the firm encrypted servers in January. Insight Partners is now offering affected individuals credit and identity monitoring. No ransomware group has claimed responsibility. Scattered Spider Gang feigns retirement breaks into bank instead Scattered Spider, the group that recently claimed it was retiring, has appeared to infiltrate a US bank, according to researchers at ReliaQuest. The attackers appear to have gained access by social engineering and executive's Microsoft Entra ID account, then moved laterally through Citrix, VPN and VMware systems, stealing credentials and targeting data in Snowflake and AWS. Consumer Reports calls Microsoft hypocritical Consumer Reports is calling out Microsoft for ending free Windows 10 support next month, saying that this will Strand millions of PCs that can't run Windows 11 and pose national security risks. PIRG, iFixit and others have joined in, arguing that users will be forced to pay $30 for extended support, buy new hardware or face degraded security. Consumer Reports says Microsoft should provide free updates, citing survey data showing that most Windows PCs bought since 2019 are still in use and were expected to last through the next OS cycle. SonicWall warns customers to reset credentials SonicWall warned customers to reset credentials after attackers accessed Firewall configuration backup files in fewer than 5% of MySonicWall accounts using Brute force attacks. Those exposed files contained encrypted passwords but also details that could help exploit firewalls. Sonicwall says it's blocked the attacker's access, is working with law enforcement and published guidance for administrators to reset all passwords, keys and tokens. The company says this wasn't ransomware and has no evidence that the stolen files were leaked online. Huge thanks to our sponsor Drata leading security teams Trust Safebase by Drata to turn trust into a growth engine. Its Enterprise Grade Trust center puts your security posture into one secure customer facing portal, giving buyers instant visibility into your company's continuous controls, certifications and policies with AI powered questionnaire assistance. Blast through inbound security questionnaires in minutes instead of days. Automate cross functional workflows and eliminate friction. This means less manual work and faster deal cycles. Win with trust Learn more@SafeBaseIO:TA558 deploys venom ratio:TA558, a threat group tracked as Revenge Hotels is using AI generated scripts in a new phishing campaign targeting hotels in Brazil and Spanish speaking markets. According to Kaspersky, the attacks deliver Venom rat, which is malware that can steal data, act as a proxy and disable security tools while also using anti kill protections and persistence mechanisms. The phishing lures, written in Portuguese and Spanish, carry JavaScript and PowerShell loaders, with evidence that large language models generated portions of the code. The group has apparently targeted hospitality firms in Latin America since at least 2015. CISA seeks more international involvement in cyber vulnerability CISA plans to expand international participation in the Common Vulnerabilities and Exposures or Cisco CVE program, which avoided a funding lapse back in April. Assistant Executive Director Nick Anderson emphasized including global partners like ANISA to improve data quality. Anderson also says management won't shift to another agency, but more U.S. agency engagement is expected. NIST awards more than 3 million to support cybersecurity the U.S. department of Commerce's National Institute of Standards and Technology, known as NIST, is awarding more than $3.3 million in 17 cooperative agreements to organizations across 13 states to address the U.S. cybersecurity workforce shortage. NIST says this leaves 514,000 job openings with roughly 74 qualified workers per 100 jobs. The grants will fund regional alliances and multi stakeholder partnerships to stimulate AKA regional ramps projects that align local workforce needs with government, academia and the private sector. 47 ramps communities in 25 states are now focused on developing skilled cybersecurity professionals. Bridgestone Americas restores network connections after attack Bridgestone Americas has restored network connections across its north and Latin American facilities after a cyber attack disrupted production earlier this month. The company says it's gradually ramping operations back to pre attack levels while investigating the incident with third party experts and federal law enforcement. Bridgestone hasn't disclosed how the attackers gained access, whether customer data was affected or the financial impact. Just when we haven't solved the proliferation of shadow it, we're now dealing with shadow AI. Much is the same, but the newness is the scale and speed of AI advancement. We've been talking about digital transformation in the enterprise for several decades now, so is AI throwing a wrench into our very linear management process? That's what we dig into on our latest episode of Defense In Depth. Look for the episode what new risks does AI introduce? Wherever you get your podcasts and if you happen to be in the Houston area, be sure to join us for our next CISO Series meetup. We'll be at Frost town Brewing on September 29th starting at 3pm network with some fellow CISO series fans. Meet the CISO Series team and get some free food and drink. Who doesn't want that? Our events page@cisoseries.com has more details and we hope to see you there. And as always, if you have thoughts on the news from today or about the show in general, be sure to reach out to us@feedbackisoseries.com we would love to hear from you. I am Sarah Lane reporting for the CISO Series. Thank you for listening and we'll talk to you next time.